CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-4042 – Ghostscript: incomplete fix for cve-2020-16305
https://notcve.org/view.php?id=CVE-2023-4042
A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. • https://access.redhat.com/errata/RHSA-2023:7053 https://access.redhat.com/security/cve/CVE-2023-4042 https://bugzilla.redhat.com/show_bug.cgi?id=1870257 https://bugzilla.redhat.com/show_bug.cgi?id=2228151 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-3930 – QEMU: off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c
https://notcve.org/view.php?id=CVE-2021-3930
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition. Se ha encontrado un error "off-by-one" en la emulación de dispositivos SCSI en QEMU. Podía ocurrir mientras eran procesados comandos MODE SELECT en mode_sense_page() si el argumento "page" era establecido como MODE_PAGE_ALLS (0x3f). • https://bugzilla.redhat.com/show_bug.cgi?id=2020588 https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://security.gentoo.org/glsa/202208-27 https://security.netapp.com/advisory/ntap-20220225-0007 https://access.redhat.com/security/cve/CVE-2021-3930 • CWE-193: Off-by-one Error •
CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 1CVE-2021-3733 – python: urllib: Regular expression DoS in AbstractBasicAuthHandler
https://notcve.org/view.php?id=CVE-2021-3733
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. Se presenta un fallo en la clase AbstractBasicAuthHandler de urllib. Un atacante que controle un servidor HTTP malicioso al que se conecte un cliente HTTP (como un navegador web), podría desencadenar una Denegación de Servicio por Expresión Regular (ReDOS) durante una petición de autenticación con una carga útil especialmente diseñada que sea enviada por el servidor al cliente. • https://bugs.python.org/issue43075 https://bugzilla.redhat.com/show_bug.cgi?id=1995234 https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb https://github.com/python/cpython/pull/24391 https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html https://security.netapp.com/advisory/ntap-20220407-0001 https://ubuntu.com/security/CVE-2021-3733 https://access.redhat.com/security/cve/CVE-2021-3733 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 1CVE-2021-3737 – python: urllib: HTTP client possible infinite loop on a 100 Continue response
https://notcve.org/view.php?id=CVE-2021-3737
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en python. Una respuesta HTTP manejada inapropiadamente en el código del cliente HTTP de python puede permitir a un atacante remoto, que controle el servidor HTTP, hacer que el script del cliente entre en un bucle infinito, consumiendo tiempo de CPU. • https://bugs.python.org/issue44022 https://bugzilla.redhat.com/show_bug.cgi?id=1995162 https://github.com/python/cpython/pull/25916 https://github.com/python/cpython/pull/26503 https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html https://security.netapp.com/advisory/ntap-20220407-0009 https://ubuntu.com/security/CVE-2021-3737 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-27842 – openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c
https://notcve.org/view.php?id=CVE-2020-27842
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability. Se presenta un fallo en el codificador t2 de openjpeg en versiones anteriores a 2.4.0. Un atacante que sea capaz de proporcionar una entrada diseñada para ser procesada por openjpeg podría causar una desreferencia del puntero null. • https://bugzilla.redhat.com/show_bug.cgi?id=1907513 https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV https://security.gentoo.org/glsa/202101-29 https://www.debian.org/security/2021/dsa-4882 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://access.redhat.com/security/cve/CVE-2020-27842 • CWE-125: Out-of-bounds Read •